Skip to main content

Stealth

7 CVEs product

Monthly

CVE-2024-23758 HIGH This Week

An issue discovered in Unisys Stealth 5.3.062.0 allows attackers to view sensitive information via the Enterprise ManagementInstaller_msi.log file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Stealth
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2021-35056 MEDIUM PATCH This Month

Unisys Stealth 5.1 before 5.1.025.0 and 6.0 before 6.0.055.0 has an unquoted Windows search path for a scheduled task. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Microsoft Information Disclosure Stealth
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2021-28492 MEDIUM This Month

Unisys Stealth (core) 5.x before 5.0.048.0, 5.1.x before 5.1.017.0, and 6.x before 6.0.037.0 stores passwords in a recoverable format. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Stealth
NVD
CVSS 3.1
4.9
EPSS
0.8%
CVE-2021-3141 HIGH This Week

In Unisys Stealth (core) before 6.0.025.0, the Keycloak password is stored in a recoverable format that might be accessible by a local attacker, who could gain access to the Management Server and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Stealth
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-24620 HIGH This Week

Unisys Stealth(core) before 4.0.134 stores passwords in a recoverable format. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Stealth
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-12053 CRITICAL Act Now

In Unisys Stealth 3.4.x, 4.x and 5.x before 5.0.026, if certificate-based authorization is used without HTTPS, an endpoint could be authorized without a private key. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Stealth
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2018-6592 HIGH This Week

Unisys Stealth 3.3 Windows endpoints before 3.3.016.1 allow local users to gain access to Stealth-enabled devices by leveraging improper cleanup of memory used for negotiation key storage. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Stealth
NVD
CVSS 3.0
7.8
EPSS
0.3%
EPSS 0% CVSS 7.5
HIGH This Week

An issue discovered in Unisys Stealth 5.3.062.0 allows attackers to view sensitive information via the Enterprise ManagementInstaller_msi.log file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Stealth
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Unisys Stealth 5.1 before 5.1.025.0 and 6.0 before 6.0.055.0 has an unquoted Windows search path for a scheduled task. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Microsoft Information Disclosure Stealth
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Unisys Stealth (core) 5.x before 5.0.048.0, 5.1.x before 5.1.017.0, and 6.x before 6.0.037.0 stores passwords in a recoverable format. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Stealth
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In Unisys Stealth (core) before 6.0.025.0, the Keycloak password is stored in a recoverable format that might be accessible by a local attacker, who could gain access to the Management Server and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Stealth
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Unisys Stealth(core) before 4.0.134 stores passwords in a recoverable format. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Stealth
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

In Unisys Stealth 3.4.x, 4.x and 5.x before 5.0.026, if certificate-based authorization is used without HTTPS, an endpoint could be authorized without a private key. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Stealth
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Unisys Stealth 3.3 Windows endpoints before 3.3.016.1 allow local users to gain access to Stealth-enabled devices by leveraging improper cleanup of memory used for negotiation key storage. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Stealth
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy